Search results
1 – 2 of 2As the number of available services increases on the web, it becomes greatly vital in service-oriented computing to discover a trustworthy service for a service composition so as…
Abstract
Purpose
As the number of available services increases on the web, it becomes greatly vital in service-oriented computing to discover a trustworthy service for a service composition so as to best-fit business requirements. However, some dishonest service providers may advertise more than what they can offer and cause a great loss to users. In the last few years, trust and reputation management over web service selection mechanism becomes an emerging way of dealing with security deficiencies which are inherent in web services environment. The purpose of this paper is to review the security threats carefully and expect that the results serve as a reference guide for designing the robust trust and reputation management mechanisms.
Design/methodology/approach
Based on the published literature, the paper reviews and categorizes the most critical and important security threats that apply to trust and reputation models.
Findings
A detailed review and a dedicated taxonomy table are derived. As emphasized earlier, they could serve as the most important guideline for design of trust and reputation mechanisms.
Originality/value
The papers work contributes to: first, understand in details what kind of security threats may cause damage to trust and reputation management mechanisms for web services selection; and second, categorize these complex security threats and then assist in planning the defense mechanisms.
Details
Keywords
Dong‐Her Shih, Po‐Ling Sun and Binshan Lin
To provide the secure web services framework in an environment designed to integrate RFID system into the EPCglobal Network.
Abstract
Purpose
To provide the secure web services framework in an environment designed to integrate RFID system into the EPCglobal Network.
Design/methodology/approach
Utilizing web services helps maximize the value of information generated from RFID systems and, taking advantage of web services security (WSS) technology, to provide an XML‐based abstraction layer for established security technologies that delivers confidentiality, integrity, authentication, authorization, and non‐repudiation in EPCglobal Network.
Findings
This paper inspects four cases of trust relationships in one‐to‐one and one‐to‐many teamwork models that exemplify how the proposed WSS specifications being used in industry‐wide EPCglobal Network are envisioned. For each of these cases the different security strategies were proposed. Also a comparative view is given, of discussed security strategies which businesses may wish to consult.
Originality/value
This first proposed secure framework integrating web services and WSS technology to industry‐wide EPCglobal Network will provide business an integration and collaboration capabilities, which make it easier for trading partners to electronically share real‐time RFID data and conduct transactions in an accurate, complete, highly controlled, and secure environment.
Details